The programmer behind the Samy MySpace worm has turned his mind to a potentially more useful - although just as controversial - endeavor, resulting in the creation of a tool to connect two devices on separate networks without any port forwarding.
The pwnat utility is designed to create a tunnel between two computers on separate private networks over the Internet without the need to reconfigure the router for port forwarding - in other words, allowing end users to bypass restrictions that might be in place without needing administrative access to the router itself.
Samy Kamkar, a programmer with something of a checkered past following his creation of a cross-site scripting worm attacking MySpace and subsequent arrest for the same, describes the utility as "a proxy server that works behind a NAT [router], even when the client is [also] behind a NAT, without any third party," and explains that pwnat means that "both sides are fully communicating over UDP, allowing protocols that run over TCP to tunnel through."
The pwnat utility is based on the udptunnel tool created by Daniel Meekins, along with Kamkar's previous software chownat.
While the tool certainly has legitimate uses, it's something that will give those who rely on NAT 'firewalls' for protection pause for thought - if a router configured to block all incoming traffic is transparent to the pwnat tool, how much other traffic could be transmitted without the owner's knowledge?
Softpedia explains that the utility could be used to improve the speed of BitTorrent-style peer-to-peer systems without users needing to know how to configure their routers for port forwarding.
For those curious as to how the utility works - or who are a trifle concerned about blindly trusting code from the creator of a worm - Kamkar has made his source code fully available.
Can you see a wealth of possibilities for the pwnat tool, or does it seem a trifle worrying that it is so easy to bypass the protections NAT offers? Share your thoughts over in the forums.